SEC approves key audit reforms for public companies

Gary Gensler
Securities and Exchange Commission Chair Gary Gensler
Bloomberg News

WASHINGTON —The Securities and Exchange Commission Tuesday approved a pair of updates forwarded by the Public Company Accounting Oversight Board aimed at strengthening the general responsibilities of auditors and enhancing the use of technology in audit procedures.

"I am pleased that the PCAOB is fulfilling its obligations under the Sarbanes-Oxley Act by updating its standards and rules regarding the practice of auditing," said SEC Chair Gary Gensler. "I'm proud to support the PCAOB's proposed changes to instill greater trust among investors and issuers in our markets."  

The updates to the Public Company Accounting Oversight Board standards — known as AS 1000 — consolidates and modernizes the principles governing auditors. The amendments consolidate and update various existing standards to "enhance audit quality and contribute to an increase in the credibility of financial reporting for all issuers."

The amendments to PCAOB standards enhance and clarify the auditor's responsibilities by restating their duty to protect investors, ensuring independence, and underscoring key principles auditors should utilize, including reasonable assurance, professional skepticism and due care. The new standard applies to audits for fiscal years beginning on or after December 15, 2024.

The SEC also approved amendments to its Rule 3502, which changes the standard of liability for associated persons of audit firms from recklessness to negligence. Recklessness involves consciously disregarding a significant risk, showing a more severe level of disregard for consequences. By contrast, the more broad "negligence" standard means auditors would be culpable for failing to exercise reasonable care. The board says the change is meant to ensure that individuals who negligently contribute to a registered firm's violations can be held accountable.

"The amendments to Rule 3502 are critical because moving the PCAOB contributory liability standard from recklessness to negligence aligns the rule with other negligence-based professional conduct standards," SEC Chief Accountant Paul Munter said. "Including the standard for sanctions by the Commission for individuals negligently contributing to firm violations as well as certain state professional licensing requirements, that have long governed the accounting profession." 

The amendment will apply to all audits starting 60 days after the order, but does not apply to conduct prior to the effective date.

The SEC also approved amendments proposed by the PCAOB to enhance standards around technology-assisted analysis of electronic information. Key updates focus on investigating items identified in tests of details, ensuring the reliability of electronic information, and emphasizing IT controls. The amendments also refine the definition of "test of details" and update terminology to reflect modern audit practices. The updates do not single out any particular technology used to conduct tests of accounting details, but a PCAOB release indicates the body is considering how to address specific technologies like artificial intelligence. 

"The Board should continue to research and evaluate the need for standard setting related to other types of technology used in the audit, such as artificial intelligence," the release notes. "Academics emphasized the need for the PCAOB to be forward-thinking to regulate in this area."

The changes clarify auditor responsibilities, particularly in testing details, assessing risks and evaluating the reliability of external information and apply to audits starting in fiscal years after December 15, 2025. 

These changes could particularly impact the over 350 publicly traded banks in the U.S. 

Federal securities laws require public companies, both domestic and foreign, to share critical information about their performance on an ongoing basis with investors, regulators and other stakeholders. The Sarbanes-Oxley Act of 2002 created the PCAOB as a self-regulatory organization to provide independent oversight of audits of public companies.

These institutions will need to adapt to the new audit standards and ensure robust internal controls to comply with the heightened scrutiny and potential liabilities introduced by the updated PCAOB rules. This is expected to improve the reliability of financial reporting across the banking sector, ultimately bolstering investor confidence.

Even though the PCAOB does not directly regulate banks, they regulate the auditors essential to bank filings. With the SEC's recent approval of updates to PCAOB standards, including a shift in liability standards from recklessness to negligence, public banks will likely need to prioritize quality control and compliance with their auditing partners. 

Congress passed Sarbanes-Oxley in the aftermath of the Enron collapse, which exposed significant flaws in corporate governance and auditing practices involving accounting firm Arthur Andersen. Prior to the establishment of the PCAOB, the auditing industry — including the "big four" firms — were largely self-regulated. 

For reprint and licensing requests for this article, click here.
PCAOB Regulation and compliance Capital markets
MORE FROM AMERICAN BANKER